Skip to content

Bump the composer group across 1 directory with 3 updates#348

Open
dependabot[bot] wants to merge 1 commit into
v3-remasteredfrom
dependabot/composer/backend/composer-2a721d22d0
Open

Bump the composer group across 1 directory with 3 updates#348
dependabot[bot] wants to merge 1 commit into
v3-remasteredfrom
dependabot/composer/backend/composer-2a721d22d0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 28, 2026

Copy link
Copy Markdown
Contributor

Bumps the composer group with 3 updates in the /backend directory: symfony/yaml, phpunit/phpunit and symfony/process.

Updates symfony/yaml from 7.3.5 to 7.4.12

Release notes

Sourced from symfony/yaml's releases.

v7.4.12

Changelog (symfony/yaml@v7.4.11...v7.4.12)

v7.4.11

Changelog (symfony/yaml@v7.4.10...v7.4.11)

v7.4.10

Changelog (symfony/yaml@v7.4.6...v7.4.10)

v7.4.8

Changelog (symfony/yaml@v7.4.7...v7.4.8)

  • no significant changes

v7.4.6

Changelog (symfony/yaml@v7.4.5...v7.4.6)

v7.4.1

Changelog (symfony/yaml@v7.4.0...v7.4.1)

v7.4.0

Changelog (symfony/yaml@v7.4.0-RC3...v7.4.0)

  • no significant changes

v7.4.0-RC2

Changelog (symfony/yaml@v7.4.0-RC1...v7.4.0-RC2)

v7.4.0-RC1

Changelog (symfony/yaml@v7.4.0-BETA2...v7.4.0-RC1)

v7.4.0-BETA1

Changelog (symfony/yaml@v7.3.4...v7.4.0-BETA1)

... (truncated)

Commits
  • 8b6952b Merge branch '6.4' into 7.4
  • 68dcd1f Merge branch '5.4' into 6.4
  • b0b2705 [Yaml] Harden the Parser::cleanup() regexes against catastrophic backtracking
  • 5a351ff [Yaml] Bound collection-alias resolution in the parser
  • e2eb64a Merge branch '6.4' into 7.4
  • e4fb993 [Yaml] Reject non-stringables when using "!!binary"
  • b02ba66 [Yaml] Bound recursion depth in the parser
  • c660d65 Merge branch '6.4' into 7.4
  • f8d2f4a [Yaml] fix flow collection drops &anchor and !!str &anchor items
  • 563e765 Update XSD references in phpunit.xml.dist files
  • Additional commits viewable in compare view

Updates phpunit/phpunit from 11.5.44 to 11.5.50

Release notes

Sourced from phpunit/phpunit's releases.

PHPUnit 11.5.50

Changed

  • To prevent Poisoned Pipeline Execution (PPE) attacks using prepared .coverage files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs

Learn how to install or update PHPUnit 11.5 in the documentation.

Keep up to date with PHPUnit:

PHPUnit 11.5.49

Fixed

  • #6362: Manually instantiated test doubles are broken since PHPUnit 11.2
  • #6470: Infinite recursion in Count::getCountOf() for unusal implementations of Iterator or IteratorAggregate

Learn how to install or update PHPUnit 11.5 in the documentation.

Keep up to date with PHPUnit:

PHPUnit 11.5.48

Changed

Learn how to install or update PHPUnit 11.5 in the documentation.

Keep up to date with PHPUnit:

PHPUnit 11.5.47

Fixed

  • #6470: Mocking a class with a property hook setter accepting more types than the property results in a fatal error

... (truncated)

Changelog

Sourced from phpunit/phpunit's changelog.

[11.5.50] - 2026-01-27

Changed

  • To prevent Poisoned Pipeline Execution (PPE) attacks using prepared .coverage files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs

[11.5.49] - 2026-01-24

Fixed

  • #6362: Manually instantiated test doubles are broken since PHPUnit 11.2
  • #6470: Infinite recursion in Count::getCountOf() for unusal implementations of Iterator or IteratorAggregate

[11.5.48] - 2026-01-16

Changed

[11.5.47] - 2026-01-15

Changed

  • PHPUnit\Framework\MockObject exceptions are now subtypes of PHPUnit\Exception

Fixed

  • #6470: Mocking a class with a property hook setter accepting more types than the property results in a fatal error

[11.5.46] - 2025-12-06

  • No changes; phpunit.phar rebuilt with PHP 8.4 to work around PHP-Scoper issue #1139

[11.5.45] - 2025-12-01

Changed

  • Updated list of deprecated PHP configuration settings for PHP 8.6

Fixed

  • #6408: Exception in a data provider method leads to internal PHPUnit error
  • #6426: Fix migration of configuration without schema location
Commits

Updates symfony/process from 7.3.4 to 7.4.13

Release notes

Sourced from symfony/process's releases.

v7.4.13

Changelog (symfony/process@v7.4.11...v7.4.13)

v7.4.11

Changelog (symfony/process@v7.4.8...v7.4.11)

v7.4.8

Changelog (symfony/process@v7.4.7...v7.4.8)

  • bug #63611 Throw InvalidArgumentException when env block exceeds Windows limit (Nadim AL ABDOU)

v7.4.5

Changelog (symfony/process@v7.4.4...v7.4.5)

v7.4.4

Changelog (symfony/process@v7.4.3...v7.4.4)

v7.4.3

Changelog (symfony/process@v7.4.2...v7.4.3)

v7.4.0

Changelog (symfony/process@v7.4.0-RC3...v7.4.0)

  • no significant changes

v7.4.0-RC1

Changelog (symfony/process@v7.4.0-BETA2...v7.4.0-RC1)

  • no significant changes

v7.4.0-BETA1

Changelog (symfony/process@v7.3.4...v7.4.0-BETA1)

  • no significant changes

v7.3.11

Changelog (symfony/process@v7.3.10...v7.3.11)

  • security #cve-2026-24739 Fix escaping for MSYS on Windows (nicolas-grekas)

... (truncated)

Commits
  • f5804be Merge branch '6.4' into 7.4
  • c8fc09b [Process] Stop leaking CGI/FastCGI request-context vars to subprocesses
  • d9593c9 Merge branch '6.4' into 7.4
  • 6c93071 [Process] Ignore array env values before proc_open
  • 7eab480 [7.4] Remove usages of named arguments in tests
  • 89c0b22 Update XSD references in phpunit.xml.dist files
  • e79d445 Merge branch '6.4' into 7.4
  • 7b8e6e8 More CS fixes
  • 2df4ad6 Merge branch '6.4' into 7.4
  • 5731331 CS fixes - native_function_invocation & static_lambda
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the composer group across 1 directory with 3 updates
4c12a51 
Bumps the composer group with 3 updates in the /backend directory: [symfony/yaml](https://github.com/symfony/yaml), [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) and [symfony/process](https://github.com/symfony/process).


Updates `symfony/yaml` from 7.3.5 to 7.4.12
- [Release notes](https://github.com/symfony/yaml/releases)
- [Changelog](https://github.com/symfony/yaml/blob/8.1/CHANGELOG.md)
- [Commits](symfony/yaml@v7.3.5...v7.4.12)

Updates `phpunit/phpunit` from 11.5.44 to 11.5.50
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases)
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/11.5.50/ChangeLog-11.5.md)
- [Commits](sebastianbergmann/phpunit@11.5.44...11.5.50)

Updates `symfony/process` from 7.3.4 to 7.4.13
- [Release notes](https://github.com/symfony/process/releases)
- [Changelog](https://github.com/symfony/process/blob/8.1/CHANGELOG.md)
- [Commits](symfony/process@v7.3.4...v7.4.13)

---
updated-dependencies:
- dependency-name: symfony/yaml
  dependency-version: 7.4.12
  dependency-type: direct:production
  dependency-group: composer
- dependency-name: phpunit/phpunit
  dependency-version: 11.5.50
  dependency-type: direct:development
  dependency-group: composer
- dependency-name: symfony/process
  dependency-version: 7.4.13
  dependency-type: indirect
  dependency-group: composer
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from NaysKutzu as a code owner May 28, 2026 02:38
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file php Pull requests that update php code labels May 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@NaysKutzu NaysKutzu Awaiting requested review from NaysKutzu NaysKutzu is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file php Pull requests that update php code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants